Professional Documents
Culture Documents
Outsourcing Guidelines - SCH II - Form X - 36
Outsourcing Guidelines - SCH II - Form X - 36
1. Core Activities
(a) The Insurance broker shall not outsource any of the following activities in any manner
whatsoever:
i. the functions of the direct/ reinsurance/ composite broker as given in Schedule I – Form A
under Regulation 4.
ii. risk management services unless the broker does not undertake this activity at all.
iii. claims consultancy services unless the broker does not undertake this activity at all.
5. Outsourcing Agreements:
1) Outsourcing arrangements shall be governed by written agreements that are legally
binding for a specified period, subject to periodical renewal, if necessary, that clearly
describe all material aspects of the outsourcing arrangement, including the rights and
obligations of all parties.
2) The outsourcing contracts, inter alia, shall have in place certain clauses or conditions
listed below, as may be applicable:
a) Information and asset ownership rights, information technology, data security and
protection of confidential information;
b) Guarantee or indemnity from the Outsourcing Service Provider towards his commitment
including liability for any failure;
c) Contingency planning of the Outsourcing Service Provider to provide business continuity
for the outsourced arrangement;
d) Express clause that the contract shall neither prevent nor impede Insurance broker from
meeting its respective regulatory obligations, nor the regulator from exercising its
regulatory powers of conducting inspection, investigation, obtaining information from either
the Insurance broker or the Outsourcing Service Provider;
e) The Insurance broker shall ensure that the Outsourcing service provider shall not sub-
contract, whole or substantial portion of any of the Outsourced activity.
f) The Insurance broker shall factor in the additional risk which flows due to subcontracting
at the time of due diligence.
6. Confidentiality and Security: The insurance broker shall satisfy itself that the outsourcing
Service Provider‘s security policies, procedures and controls will enable the insurance broker
to protect confidentiality and security of clients‘/ policyholders‘ information.
7. Legal and Regulatory Obligations: 1) Insurance brokers shall ensure that outsourcing
arrangements shall not:
a) diminish their ability to fulfill their obligations to Clients / Policyholders and the Authority.
b) impede effective supervision by the Authority.
c) result in their internal control, business conduct or reputation being compromised or
weakened.
2) These requirements apply irrespective of whether the outsourcing arrangements are
entered into with an affiliated entity within the same group as the Insurance broker, or an
outsourcing Service Provider external to the group. The Insurance broker shall comply with
the provisions of Companies Act 2013 relating to Related Party Transactions.
3) Outsourcing shall not diminish the obligations of an insurance broker and those of its
Board and Principal Officer to comply with the relevant law/s and regulations.
4) The Insurance broker is ultimately accountable for all acts of commission and omission of
the outsourcing Service Providers.
5) The Insurance broker‘s liability shall not in any way be restricted or limited by way of
outsourcing.
6) All the outsourcing Service providers engaged by insurance brokers are subjected to the
provisions of the Insurance Act,1938, IRDA Act 1999, Rules, Regulations and any other
orders issued thereunder.
7) With the objective of avoiding potential conflict of interest, Insurance brokers shall
endeavour that the Related Parties of Insurance Brokers registered with the Authority shall
ordinarily not be engaged for outsourcing any of the activities.
8) Insurance Brokers shall not outsource any activity that leads to potential conflict of
interest with the functions of the Insurance Brokers.
8. Contingency Plans: 1) Insurance Brokers are expected to establish and maintain adequate
contingency plans.
This includes disaster recovery plans and backup facilities to support the continuation of an
outsourced activity with minimal business disruption in the event of reasonably foreseeable
events that affect the ability of an Outsourcing Service Provider to continue providing the
service.
2) The contingency plans should be appropriate to the potential consequences of a business
disruption resulting from problems at the Outsourcing Service provider and should consider
contingency plans maintained by the Outsourcing Service Provider and their coordination
with the Insurance broker‘s own contingency arrangements.
3) In particular, contingency plans should ensure that the Insurance broker can readily
access all the records necessary to allow it to sustain business operations, meet statutory
obligations, and provide any information relating to the outsourced activity as may be
required by the Authority.
4) Contingency plans should also be regularly reviewed and tested to ensure that they
remain robust, particularly under changing operating conditions.
10. Regulatory Access: 1) Insurance Brokers shall, in all cases, obtain an undertaking from
their outsourcing Service providers or include a provision within the Outsourcing
agreement, giving authorised representatives of the Authority the right to: -
a) examine the books, records, information, systems and the internal control environment
in the Outsourcing Service Provider (or sub-contractor as applicable), to the extent that they
relate to the service being performed for the Insurance broker; and
b) access any internal audit reports or external audit findings of the Outsourcing Service
Provider that concern the service being performed for the Insurance broker.
11. Reporting Requirements: Insurance brokers shall report all the outsourcing
arrangements where annual payout per outsourcing service provider is ten lakh rupees or
more to their Board of Directors for review.